Sat, Feb 13
Wed, Feb 10
The now used /var/run thingy solves all these problems nicely. In fact we may eventually remove the use fallback of using sockets in the GNUPGHOMEDIR.
Jan 28 2021
Jan 27 2021
Jan 26 2021
T4702 is our release info task for 2.3.0
@gniibe Hi! Can you estimate, when this feature will be released?
I have not found this patch in the latest GnuPG release tags (in the Git repository) either by the name or the commit hash.
Jan 11 2021
Lowered priority because in reality it is not possible to get a certificate for an arbitrary SigG key on the card. Only accredited CAs may issue certs and they want to keep full control over the key generation.
Jan 8 2021
Jan 7 2021
do_sign() calls find_fid_by_keyref() which does a switch_application(). So, I think the SigG application should already be active. But, yes, please have a look at it.
We need to switch to the SigG application. Shall I look at it?
Jan 6 2021
Jan 5 2021
It seems you have a pretty good understanding and also test cases at hand. May I ask you to apply the suggested pacthes to master?
Dec 25 2020
Dec 23 2020
Already have set another, thanks gnibe! See ya!
Please change your passphrase for your card, BTW.
Good. The error recovery worked well.
Dec 22 2020
$ gpg --card-status $ gpgconf --kill scdaemon $ git fetch << (Used my PIN, I have reverted to my previous code other day, is not anymore 123456)
Dec 21 2020
Yes, that worked. Thanks for the tip and sorry for the noise ;-)
I think that ... For some reason, your private key file under .gnupg/private-keys-v1.d has wrong serial number.
Thank you for your testing.
May I ask more test, please?
Dec 20 2020
Hi, I have applied both patch and appears Yubikey is now working correct. I have uploaded the log here.
Dec 18 2020
Yes, makes sense. Although, you should use datalen = indatalen; in the last line (to prevent typos in the numbers).
IIUC, for completeness, it would be good to add the lines like:
Dec 17 2020
Dec 16 2020
Nice, I gonna apply the patch and see if resolves for me!
Dec 11 2020
Reading the code again, I think that some configuration of NKS card doesn't work well, when it has no certificates but keys (e.g. IDLM config).
I'm going to fix do_readkey as well (the approach #1).
Dec 10 2020
With my Yubikey NEO, when I use OTP (touching the button to generate OTP output as key input), I observed "card eject" event:
2020-12-10 11:23:05 scdaemon[7254] DBG: ccid-driver: CCID: interrupt callback 0 (2) 2020-12-10 11:23:05 scdaemon[7254] DBG: ccid-driver: CCID: NotifySlotChange: 02 2020-12-10 11:23:05 scdaemon[7254] DBG: ccid-driver: CCID: card removed 2020-12-10 11:23:05 scdaemon[7254] DBG: enter: apdu_get_status: slot=0 hang=0 2020-12-10 11:23:05 scdaemon[7254] DBG: leave: apdu_get_status => sw=0x1000c status=0 2020-12-10 11:23:05 scdaemon[7254] DBG: Removal of a card: 0